Diffstat (limited to 'modules-available/statistics/page.inc.php')
-rw-r--r-- | modules-available/statistics/page.inc.php | 101 |
1 files changed, 74 insertions, 27 deletions
diff --git a/modules-available/statistics/page.inc.php b/modules-available/statistics/page.inc.php index ea5b6f03..5fe4ebfa 100644 --- a/modules-available/statistics/page.inc.php +++ b/modules-available/statistics/page.inc.php @@ -21,6 +21,8 @@ class Page_Statistics extends Page private $query; + private $locationsAllowedToView; + /** * @var bool whether we have a SubPage from the pages/ subdir */ @@ -102,6 +104,11 @@ class Page_Statistics extends Page 'type' => 'string', 'column' => true ], + 'hostname' => [ + 'op' => Page_Statistics::$op_stringcmp, + 'type' => 'string', + 'column' => true + ], 'subnet' => [ 'op' => Page_Statistics::$op_nominal, 'type' => 'string', @@ -117,7 +124,12 @@ class Page_Statistics extends Page 'type' => 'enum', 'column' => true, 'values' => ['occupied', 'on', 'off', 'idle', 'standby'] - ] + ], + 'runtime' => [ + 'op' => Page_Statistics::$op_ordinal, + 'type' => 'int', + 'column' => true + ], ]; if (Module::isAvailable('locations')) { Page_Statistics::$columns['location'] = [ @@ -134,11 +146,14 @@ class Page_Statistics extends Page { $this->initConstants(); User::load(); - if (!User::hasPermission('superadmin')) { + if (!User::isLoggedIn()) { Message::addError('main.no-permission'); Util::redirect('?do=Main'); } + $this->locationsAllowedToView = User::getAllowedLocations("view"); + + $show = Request::any('show', 'stat', 'string'); $show = preg_replace('/[^a-z0-9_\-]/', '', $show); 
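Review bot: In hunk `@@ -134,11 +146,14 @@` the page gate drops from `superadmin` to any logged-in user, and the result of `User::getAllowedLocations("view")` is stored without checking that it is non-empty. A user with no view permission anywhere would, as far as this hunk shows, still reach the page, and every later query would run with an empty `IN (:allowedLocations)` list, whose handling depends on the `Database` wrapper. I would reject that case right after the assignment: `if (empty($this->locationsAllowedToView)) { Message::addError('main.no-permission'); Util::redirect('?do=Main'); }`. With the coarse gate gone, every action and sub-page reached from this method has to carry its own location check; the `$show` dispatch continues outside the hunk and should be checked for that.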
@@ -153,16 +168,20 @@ class Page_Statistics extends Page $action = Request::post('action'); if ($action === 'setnotes') { $uuid = Request::post('uuid', '', 'string'); - $text = Request::post('content', '', 'string'); - if (empty($text)) { - $text = null; + $locationid = Database::queryFirst('SELECT locationid FROM machine WHERE machineuuid = :uuid', + array('uuid' => $uuid))['locationid']; + if (User::hasPermission("note", $locationid)) { + $text = Request::post('content', '', 'string'); + if (empty($text)) { + $text = null; + } + Database::exec('UPDATE machine SET notes = :text WHERE machineuuid = :uuid', array( + 'uuid' => $uuid, + 'text' => $text, + )); + Message::addSuccess('notes-saved'); + Util::redirect('?do=Statistics&uuid=' . $uuid); } - Database::exec('UPDATE machine SET notes = :text WHERE machineuuid = :uuid', array( - 'uuid' => $uuid, - 'text' => $text, - )); - Message::addSuccess('notes-saved'); - Util::redirect('?do=Statistics&uuid=' . $uuid); } elseif ($action === 'delmachines') { $this->deleteMachines(); Util::redirect('?do=statistics', true); @@ -188,10 +207,12 @@ class Page_Statistics extends Page $res = Database::simpleQuery('SELECT machineuuid, locationid FROM machine WHERE machineuuid IN (:ids)', compact('ids')); $ids = array_flip($ids); $delete = []; + $allowedLocations = User::getAllowedLocations("delete"); while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - // TODO: Check locationid permissions - unset($ids[$row['machineuuid']]); - $delete[] = $row['machineuuid']; + if (in_array($row['locationid'], $allowedLocations)) { + unset($ids[$row['machineuuid']]); + $delete[] = $row['machineuuid']; + } } if (!empty($delete)) { Database::exec('DELETE FROM machine WHERE machineuuid IN (:delete)', compact('delete')); 
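Review bot: In the `setnotes` branch (hunk `@@ -153,16 +168,20 @@`) the lookup result is indexed with `['locationid']` before it is known that a row was found, so an unknown `uuid` hands a null location to `User::hasPermission("note", ...)`; what that call returns for a null location is not visible here and should not decide the outcome. A denied request also falls through the `if` silently, with no message. I would fetch the row first and treat a missing row and a failed check the same way, as in the fence. Separately, `$uuid` is appended to the redirect URL exactly as posted; `urlencode($uuid)` there keeps the value from adding parameters of its own to the target.

```php
$uuid = Request::post('uuid', '', 'string');
$machine = Database::queryFirst('SELECT locationid FROM machine WHERE machineuuid = :uuid',
	array('uuid' => $uuid));
if (!is_array($machine) || !User::hasPermission("note", $machine['locationid'])) {
	// Unknown machine and missing permission get the same answer
	Message::addError('main.no-permission');
} else {
	// … unchanged: read 'content', UPDATE machine SET notes, addSuccess, redirect …
}
```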
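Review bot: The membership test `in_array($row['locationid'], $allowedLocations)` in hunk `@@ -188,10 +207,12 @@` compares loosely, so a machine whose `locationid` is NULL matches any `0`, `''` or `false` entry in the allowed list. Whether such entries can occur depends on `User::getAllowedLocations()`, which is not visible here; I would decide explicitly how machines without a location are treated, e.g. `if ($row['locationid'] !== null && in_array($row['locationid'], $allowedLocations))`, and document that choice in a comment. The same loose check appears in hunks `@@ -277,7 +298,8 @@`, `@@ -594,18 +623,20 @@` and `@@ -749,6 +787,10 @@`. UUIDs skipped for lack of permission also stay in `$ids`; how that remainder is reported lies outside the hunk, but the user should see a permission error for them, not the message used for unknown machines.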
@@ -277,7 +298,8 @@ class Page_Statistics extends Page foreach (Location::getLocations() as $loc) { $locsFlat['L' . $loc['locationid']] = array( 'pad' => $loc['locationpad'], - 'name' => $loc['locationname'] + 'name' => $loc['locationname'], + 'disabled' => !in_array($loc['locationid'], $this->locationsAllowedToView) ); } } @@ -333,8 +355,9 @@ class Page_Statistics extends Page private function showSummary($filterSet) { $filterSet->makeFragments($where, $join, $sort, $args); - - $known = Database::queryFirst("SELECT Count(*) AS val FROM machine $join WHERE ($where)", $args); + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; + $known = Database::queryFirst("SELECT Count(*) AS val FROM machine $join WHERE $where", $args); // If we only have one machine, redirect to machine details if ($known['val'] == 1) { $this->redirectFirst($where, $join, $args); @@ -394,7 +417,8 @@ class Page_Statistics extends Page global $STATS_COLORS; $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $res = Database::simpleQuery('SELECT systemmodel, Round(AVG(realcores)) AS cores, Count(*) AS `count` FROM machine' . " $join WHERE $where GROUP BY systemmodel ORDER BY `count` DESC, systemmodel ASC", $args); $lines = array(); @@ -427,7 +451,8 @@ class Page_Statistics extends Page global $STATS_COLORS, $SIZE_RAM; $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $res = Database::simpleQuery("SELECT mbram, Count(*) AS `count` FROM machine $join WHERE $where GROUP BY mbram", $args); $lines = array(); while ($row = $res->fetch(PDO::FETCH_ASSOC)) { 
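Review bot: The two-line location filter added in `showSummary` (hunk `@@ -333,8 +355,9 @@`) is repeated verbatim in hunks `@@ -394,7`, `@@ -427,7`, `@@ -473,7`, `@@ -497,7`, `@@ -549,7` and `@@ -583,7`, which makes it easy for a later query on `machine` to be added without it. The column is also unqualified, so it turns ambiguous as soon as `$join` brings in another table that has a `locationid` column, and `IN (...)` never matches rows whose `locationid` is NULL, so machines without a location disappear for every user, which may or may not be intended. I would move the filter into one private helper that qualifies the column and handles an empty list, and call it after each `makeFragments()`; a sketch follows. Each of these functions continues outside its hunk.

```php
/**
 * Restrict a machine query to the locations the current user may view.
 * Call directly after $filterSet->makeFragments(...).
 */
private function addLocationRestriction(&$where, &$args)
{
	if (empty($this->locationsAllowedToView)) {
		// No viewable location: match nothing, but keep the filter's own placeholders in the query
		$where = "0 AND ($where)";
		return;
	}
	$args['allowedLocations'] = $this->locationsAllowedToView;
	$where = "machine.locationid IN (:allowedLocations) AND ($where)";
}

// in showSummary and the six other functions:
$filterSet->makeFragments($where, $join, $sort, $args);
$this->addLocationRestriction($where, $args);
```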
@@ -473,7 +498,8 @@ class Page_Statistics extends Page private function showKvmState($filterSet) { $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $colors = array('UNKNOWN' => '#666', 'UNSUPPORTED' => '#ea5', 'DISABLED' => '#e55', 'ENABLED' => '#6d6'); $res = Database::simpleQuery("SELECT kvmstate, Count(*) AS `count` FROM machine $join WHERE $where GROUP BY kvmstate ORDER BY `count` DESC", $args); $lines = array(); @@ -497,7 +523,8 @@ class Page_Statistics extends Page global $STATS_COLORS, $SIZE_ID44; $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $res = Database::simpleQuery("SELECT id44mb, Count(*) AS `count` FROM machine $join WHERE $where GROUP BY id44mb", $args); $lines = array(); $total = 0; @@ -549,7 +576,8 @@ class Page_Statistics extends Page private function showLatestMachines($filterSet) { $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $args['cutoff'] = ceil(time() / 3600) * 3600 - 86400 * 10; $res = Database::simpleQuery("SELECT machineuuid, clientip, hostname, firstseen, mbram, kvmstate, id44mb FROM machine $join" @@ -583,7 +611,8 @@ class Page_Statistics extends Page { Module::isAvailable('js_stupidtable'); $filterSet->makeFragments($where, $join, $sort, $args); - + $args['allowedLocations'] = $this->locationsAllowedToView; + $where = "locationid IN (:allowedLocations) AND ($where)"; $xtra = ''; if ($filterSet->isNoId44Filter()) { $xtra .= ', data'; 
@@ -594,18 +623,20 @@ class Page_Statistics extends Page $join .= ' LEFT JOIN runmode USING (machineuuid) '; } } - $res = Database::simpleQuery('SELECT machineuuid, macaddr, clientip, lastseen,' + $res = Database::simpleQuery('SELECT machineuuid, locationid, macaddr, clientip, lastseen,' . ' logintime, state, realcores, mbram, kvmstate, cpumodel, id44mb, hostname, notes IS NOT NULL AS hasnotes,' . ' badsectors ' . $xtra . ' FROM machine' . " $join WHERE $where $sort", $args); $rows = array(); $singleMachine = 'none'; + $deleteAllowedLocations = User::getAllowedLocations("delete"); while ($row = $res->fetch(PDO::FETCH_ASSOC)) { if ($singleMachine === 'none') { $singleMachine = $row['machineuuid']; } else { $singleMachine = false; } + $row['deleteAllowed'] = in_array($row['locationid'], $deleteAllowedLocations); $row['state_' . $row['state']] = true; //$row['firstseen'] = Util::prettyTime($row['firstseen']); $row['lastseen_int'] = $row['lastseen']; @@ -630,6 +661,13 @@ class Page_Statistics extends Page } } $row['cpumodel'] = preg_replace('/\(R\)|\(TM\)|\bintel\b|\bamd\b|\bcpu\b|dual-core|\bdual\s+core\b|\bdual\b|\bprocessor\b/i', ' ', $row['cpumodel']); + if (!empty($row['rmmodule'])) { + $data = RunMode::getRunMode($row['machineuuid'], RunMode::DATA_STRINGS); + if ($data !== false) { + $row['moduleName'] = $data['moduleName']; + $row['modeName'] = $data['modeName']; + } + } $rows[] = $row; } if ($singleMachine !== false && $singleMachine !== 'none') { @@ -749,6 +787,10 @@ class Page_Statistics extends Page Message::addError('unknown-machine', $uuid); return; } + if (!in_array($client['locationid'], $this->locationsAllowedToView)) { + Message::addError('main.no-permission'); + return; + } // Hack: Get raw collected data if (Request::get('raw', false)) { Header('Content-Type: text/plain; charset=utf-8'); 
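Review bot: The new check in hunk `@@ -749,6 +787,10 @@` answers with `main.no-permission` while the lookup just above it answers with `unknown-machine`, so a user can tell an existing machine outside their locations from a UUID that does not exist. If that distinction should not be exposed, reuse the first message here: `Message::addError('unknown-machine', $uuid);`. Placing the check ahead of the `raw` branch is right, since it then covers the plain-text dump as well. The function starts and ends outside the hunk.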
@@ -912,9 +954,9 @@ class Page_Statistics extends Page // Not seen in last two weeks $spans['graph'] .= '<div style="background:#444;left:0;width:100%"> </div>'; } - if (isset($client['state_occupied'])) { + if ($client['state'] === 'OCCUPIED') { $spans['graph'] .= '<div style="background:#e99;left:' . round(($client['logintime'] - $cutoff) * $scale, 2) . '%;width:' . round(($NOW - $client['logintime'] + 900) * $scale, 2) . '%"> </div>'; - } elseif (isset($client['state_off'])) { + } elseif ($client['state'] === 'OFFLINE') { $spans['graph'] .= '<div style="background:#444;left:' . round(($client['lastseen'] - $cutoff) * $scale, 2) . '%;width:' . round(($NOW - $client['lastseen'] + 900) * $scale, 2) . '%"> </div>'; } $t = explode('-', date('Y-n-j-G', $cutoff)); @@ -960,6 +1002,7 @@ class Page_Statistics extends Page )); } // Notes + $client["notesAllowed"] = User::hasPermission("note", $client["locationid"]); Render::addTemplate('machine-notes', $client); } @@ -1026,7 +1069,11 @@ class Page_Statistics extends Page public static function getPciId($cat, $id) { - return Database::queryFirst('SELECT value, dateline FROM pciid WHERE category = :cat AND id = :id LIMIT 1', + static $cache = []; + $key = $cat . '-' . $id; + if (isset($cache[$key])) + return $cache[$key]; + return $cache[$key] = Database::queryFirst('SELECT value, dateline FROM pciid WHERE category = :cat AND id = :id LIMIT 1', array('cat' => $cat, 'id' => $id)); } |
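Review bot: In `getPciId` (hunk `@@ -1026,7 +1069,11 @@`) the cache key `$cat . '-' . $id` is ambiguous if either part can itself contain `-`, and `isset($cache[$key])` treats a cached `null` as a miss. Whether either case occurs depends on the callers and on what `Database::queryFirst()` returns when no row matches, neither of which is visible here. A nested array, `$cache[$cat][$id]`, removes the key question, and `array_key_exists` makes negative results cacheable. The brace-less `if` should also get braces to match the rest of the file.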